resolver: Himmelblau needs old token for refresh (#1962)

Himmelblau needs access to the old token during
a refresh; otherwise the GECOS is lost (AAD
responds with everything we need except GECOS).

Signed-off-by: David Mulder <dmulder@samba.org>
David Mulder 2023-08-09 15:36:36 -06:00 committed by GitHub
parent f472c48518
commit 498be4f08a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 3 deletions


@ -55,7 +55,7 @@ pub struct UserToken {
pub trait IdProvider {
async fn provider_authenticate(&self) -> Result<(), IdpError>;
async fn unix_user_get(&self, id: &Id) -> Result<UserToken, IdpError>;
async fn unix_user_get(&self, id: &Id, old_token: Option<UserToken>) -> Result<UserToken, IdpError>;
async fn unix_user_authenticate(
&self,
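Review bot: The new `old_token` parameter on `unix_user_get` is undocumented, so the trait does not say what a provider may take from it. The value presumably comes from the resolver's cache rather than from the identity provider, so I would add a doc comment along the lines of `/// old_token: the previously cached token, if any. Use it only to carry over attributes the provider cannot return on refresh (e.g. GECOS); identity and group data must come from the provider's fresh response.` That keeps a future provider implementation from treating stale cached fields as authoritative. The trait body continues outside the hunk.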


@ -79,7 +79,7 @@ impl IdProvider for KanidmProvider {
}
}
async fn unix_user_get(&self, id: &Id) -> Result<UserToken, IdpError> {
async fn unix_user_get(&self, id: &Id, _old_token: Option<UserToken>) -> Result<UserToken, IdpError> {
match self
.client
.read()


@ -393,7 +393,7 @@ where
account_id: &Id,
token: Option<UserToken>,
) -> Result<Option<UserToken>, ()> {
match self.client.unix_user_get(account_id).await {
match self.client.unix_user_get(account_id, token.clone()).await {
Ok(mut n_tok) => {
if self.check_nxset(&n_tok.name, n_tok.gidnumber).await {
// Refuse to release the token, it's in the denied set.
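Review bot: `token.clone()` in the `unix_user_get` call copies the whole cached token on every refresh, including for providers that ignore it (the Kanidm implementation binds it as `_old_token`). Taking the argument by reference would avoid the copy: `old_token: Option<&UserToken>` in the trait and `self.client.unix_user_get(account_id, token.as_ref()).await` here. If `token` is not used again later in this function, which continues outside the hunk, passing it by value without the clone would also work.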